Key Findings from the McAfee Labs Threats Report March 2018
Endpoint security solution provider McAfee today unveiled their McAfee Labs Threats Report: March 2018, which examines the evolution of digital threats—including malware—in Q4 2017. McAfee researches and compiles digital threat intelligence in a new report every quarter.
In a statement, McAfee’s Chief Scientist and Fellow Raj Samani said: “The fourth quarter was defined by rapid cybercriminal adoption of newer tools and schemes—fileless malware, cryptocurrency mining, and steganography. Even tried-and-true tactics, such as ransomware campaigns, were leveraged beyond their usual means to create smoke and mirrors to distract defenders from actual attacks. Collaboration and liberalized information-sharing to improve attack defenses remain critically important as defenders work to combat escalating asymmetrical cyberwarfare.”
Among its discoveries, McAfee Labs notes that cryptojacking increased significantly in Q4 2017, matching the rising interest in and value of cryptocurrencies. There is also evidence of hackers moving away from mining Bitcoin to mining less prominent digital currencies. These offer higher payouts, signifying an evolution in cybercrime tactics.
Key findings from the McAfee Labs report include:
- Q4 2017 saw an average of 8 new malware samples per second, a significant increase from the previous quarter.
- PowerShell exploits grew by over 200% in the quarter, and over 400% yearly.
- 2017 saw a 59% yearly increase in ransomware, 35% in Q4.
- Ransomware tactics became more creative and more oriented to enterprise process disruption than financial gain.
- Security incidents in the healthcare industry increased by over 200% in 2017 compared to 2016, despite a decrease in Q4 2017.
- Two botnets, Necurs and Gamut, were responsible for 97% of spam botnet traffic in 2017.
- New mobile malware saw a marked decrease of 35%, but macOS saw an increase in new malware samples of 24%.
McAfee Labs bases its findings on threat data gathered by its Global Threat Intelligence cloud, incorporating millions of sensors across varied threat vectors. You can read the full report here.